CVE
- Id
- 3170
- CVE No.
- CVE-2001-0349
- Status
- Candidate
- Description
- Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.
- Phase
- Modified (20050509)
- Votes
- ACCEPT(7) Armstrong, Balinsky, Cole, Foat, Stracener, Wall, Ziese | MODIFY(1) Frech | REVIEWING(1) Christey
- Comments
- CHANGE> [Balinsky changed vote from REVIEWING to ACCEPT] | Balinsky> Need to decide whether this and 2001-350 one or two vuls, but it is definitely valid. | Frech> XF:win2k-telnet-pipe-privileges(6664) | Christey> CIAC:L-092 | URL:http://www.ciac.org/ciac/bulletins/l-092.shtml | Christey> Consider adding BID:2849 | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> CERT-VN:VU#587587 | URL:http://www.kb.cert.org/vuls/id/587587 | BID:2849 | Microsoft identifies two separate vulnerabilities that are extremely | similar, but the security bulletin states that "The two | vulnerabilities differ primarily in the way they exploit the | underlying problem regarding named pipe creation." So, it may be | necessary to merge CVE-2001-0350 with CVE-2001-0349. | | If one issue is because of predictable names, and another | issue is because pipe ownership isn"t properly verified, then | these could stay SPLIT, and the descriptions should be | modified accordingly.
